Integrator.exe

  • File Path: C:\program files (x86)\Glary Utilities 5\Integrator.exe
  • Description: Glary Utilities 5

Hashes

Type Hash
MD5 BD5EFF31291F2089276BC716FE9C958B
SHA1 18A04F29798C9206C418E8DFC990CC01D73E29C4
SHA256 EB991BF365EBE06DA3017F9BB7C1C2DBFD958C5A2D7F21F94AB8A2450CF7E259
SHA384 4DB788261B0BDDE7A09AE608EA6F98FF37A212C0D9C625260EC87E7A7E6AC92E455BD667DE9022AC17A788957A09EFB2
SHA512 4BEA0B3EEA402B63A1DAE05D1804E3602AD5B18D1F2500FB8B4537AB28B699EBD07EFF5B2A11E9062D3ABD8AE64AEEFF0D8550F223DE544C825987BFCC71BA3E
SSDEEP 24576:lxEPkbOUmcBPkGVP1RjETfSwtTxuWvZwnnvqxc:lxEPkbIGVzGSwtTxuyGnvqm

Runtime Data

Window Title:

Glary Utilities

Open Handles:

Path Type
(R-D) C:\Windows\Fonts\StaticCache.dat File
(R-D) C:\Windows\System32\en-US\crypt32.dll.mui File
(R-D) C:\Windows\System32\en-US\KernelBase.dll.mui File
(R-D) C:\Windows\System32\en-US\mswsock.dll.mui File
(R-D) C:\Windows\System32\en-US\propsys.dll.mui File
(R-D) C:\Windows\SysWOW64\en-US\user32.dll.mui File
(RW-) C:\Program Files (x86)\Glary Utilities 5 File
(RW-) C:\Users\user\Documents File
(RW-) C:\Windows File
(RW-) C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9625_none_508ef7e4bcbbe589 File
(RW-) C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.19041.1_none_fd031af45b0106f2 File
(RW-) C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.450_none_4294d6e08a97344a File
\BaseNamedObjects\__ComCatalogCache__ Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{6AF0698E-D558-4F6E-9B3C-3716689AF493}.2.ver0x0000000000000002.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*{DDF571F2-BE98-426D-8288-1A9A39C3FDA2}.2.ver0x0000000000000001.db Section
\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2.ro Section
\BaseNamedObjects\F932B6C7-3A20-46A0-B8A0-8894AA421973 Section
\BaseNamedObjects\NLS_CodePage_1252_3_2_0_0 Section
\BaseNamedObjects\NLS_CodePage_437_3_2_0_0 Section
\BaseNamedObjects\windows_shell_global_counters Section
\Sessions\1\BaseNamedObjects\UrlZonesSM_user Section
\Sessions\1\BaseNamedObjects\windows_shell_global_counters Section
\Sessions\1\BaseNamedObjects\windows_webcache_counters_{9B6AB5B3-91BC-4097-835C-EA2DEC95E9CC}_S-1-5-21-2047949552-857980807-821054962-504 Section
\Sessions\1\Windows\Theme4048709601 Section
\Windows\Theme603176458 Section

Loaded Modules:

Path
C:\program files (x86)\Glary Utilities 5\Integrator.exe
C:\Windows\SYSTEM32\ntdll.dll
C:\Windows\System32\wow64.dll
C:\Windows\System32\wow64cpu.dll
C:\Windows\System32\wow64win.dll

Signature

  • Status: Signature verified.
  • Serial: 0F05AE21CDC17B9F3CF09D7BFC659BA3
  • Thumbprint: 362EBB303E088105BDCC07D94E6B7875D30C0D06
  • Issuer: CN=DigiCert Assured ID Code Signing CA-1, OU=www.digicert.com, O=DigiCert Inc, C=US
  • Subject: CN=Glarysoft LTD, O=Glarysoft LTD, S=Beijing, C=CN

File Metadata

  • Original Filename: Integrator.exe
  • Product Name: Glary Utilities
  • Company Name: Glarysoft Ltd
  • File Version: 5, 149, 0, 175
  • Product Version: 5, 0, 0, 0
  • Language: English
  • Legal Copyright: Copyright (c) 2003-2020 Glarysoft Ltd

File Similarity (ssdeep match)

File Score
C:\Program Files (x86)\Glary Utilities 5\Integrator.exe 91
C:\Program Files (x86)\Glary Utilities 5\Integrator.exe 85

Possible Misuse

The following table contains possible examples of Integrator.exe being misused. While Integrator.exe is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

| Source | Source File | Example | License |
|---|---|---|---|
| sigma | registry_event_asep_reg_keys_modification_common.yml | - 'C:\Program Files (x86)\Microsoft Office\root\integration\integrator.exe' | DRL 1.0 |
| sigma | registry_event_asep_reg_keys_modification_currentversion.yml | - 'C:\Program Files (x86)\Microsoft Office\root\integration\integrator.exe' | DRL 1.0 |
| sigma | registry_event_asep_reg_keys_modification_currentversion_nt.yml | - 'C:\Program Files\Microsoft Office\root\integration\integrator.exe' | DRL 1.0 |
| sigma | registry_event_asep_reg_keys_modification_currentversion_nt.yml | - 'C:\Program Files (x86)\Microsoft Office\root\integration\integrator.exe' | DRL 1.0 |
| sigma | registry_event_asep_reg_keys_modification_wow6432node.yml | - 'C:\Program Files\Microsoft Office\root\integration\integrator.exe' | DRL 1.0 |
| sigma | registry_event_asep_reg_keys_modification_wow6432node.yml | - 'C:\Program Files (x86)\Microsoft Office\root\integration\integrator.exe' | DRL 1.0 |
| sigma | registry_event_office_vsto_persistence.yml | - '\integrator.exe' | DRL 1.0 |
| sigma | registry_event_removal_com_hijacking_registry_key.yml | Image: 'C:\Program Files (x86)\Microsoft Office\root\integration\integrator.exe' | DRL 1.0 |

MIT License. Copyright (c) 2020-2021 Strontic.